change log for rtems (2011-06-24)
rtems-vc at rtems.org
rtems-vc at rtems.org
Fri Jun 24 10:12:21 UTC 2011
*sh*:
2011-06-24 Arnout Vandecappelle <arnout at mind.be>
Sebastien Bourdeauducq <sebastien at milkymist.org>
PR 1724/cpukit
* ftpd/ftpd.h, ftpd/ftpd.c: Added USER/PASS authentication.
M 1.2859 cpukit/ChangeLog
M 1.11 cpukit/ftpd/ftpd.h
M 1.26 cpukit/ftpd/ftpd.c
diff -u rtems/cpukit/ChangeLog:1.2858 rtems/cpukit/ChangeLog:1.2859
--- rtems/cpukit/ChangeLog:1.2858 Fri Jun 17 10:54:58 2011
+++ rtems/cpukit/ChangeLog Fri Jun 24 05:00:36 2011
@@ -1,3 +1,9 @@
+2011-06-24 Arnout Vandecappelle <arnout at mind.be>
+ Sebastien Bourdeauducq <sebastien at milkymist.org>
+
+ PR 1724/cpukit
+ * ftpd/ftpd.h, ftpd/ftpd.c: Added USER/PASS authentication.
+
2011-06-17 Joel Sherrill <joel.sherrill at oarcorp.com>
* rtems/include/rtems/rtems/tasks.h: Complete manager description.
diff -u rtems/cpukit/ftpd/ftpd.h:1.10 rtems/cpukit/ftpd/ftpd.h:1.11
--- rtems/cpukit/ftpd/ftpd.h:1.10 Wed Feb 23 08:08:45 2011
+++ rtems/cpukit/ftpd/ftpd.h Fri Jun 24 05:00:36 2011
@@ -25,6 +25,8 @@
typedef int (*rtems_ftpd_hookfunction)(char *, size_t);
+#include <rtems/shell.h>
+
struct rtems_ftpd_hook
{
char *filename;
@@ -45,6 +47,8 @@
int access; /* 0 - r/w, 1 - read-only,
2 - write-only,
3 - browse-only */
+ rtems_shell_login_check_t login; /* Login check or 0 to ignore
+ user/passwd. */
};
/*
diff -u rtems/cpukit/ftpd/ftpd.c:1.25 rtems/cpukit/ftpd/ftpd.c:1.26
--- rtems/cpukit/ftpd/ftpd.c:1.25 Tue Jun 7 04:08:37 2011
+++ rtems/cpukit/ftpd/ftpd.c Fri Jun 24 05:00:36 2011
@@ -1,17 +1,19 @@
/* FIXME: 1. Parse command is a hack. We can do better.
- * 2. Some sort of access control?
- * 3. OSV: hooks support seems to be bad, as it requires storing of
+ * 2. OSV: hooks support seems to be bad, as it requires storing of
* entire input file in memory. Seem to be better to change it to
* something more reasonable, like having
* 'hook_write(void const *buf, int count)' routine that will be
* called multiple times while file is being received.
- * 4. OSV: Remove hack with "/dev/null"?
+ * 3. OSV: Remove hack with "/dev/null"?
*
* FTP Server Daemon
*
* Submitted by: Jake Janovetz <janovetz at tempest.ece.uiuc.edu>
*
* Changed by: Sergei Organov <osv at javad.ru> (OSV)
+ * Arnout Vandecappelle <arnout at mind.be> (AV)
+ * Sebastien Bourdeauducq <sebastien at milkymist.org> (MM)
+ *
*
* Changes:
*
@@ -19,6 +21,10 @@
*
* * Support spaces in filenames
*
+ * 2010-04-29 Arnout Vandecappelle (Essensium/Mind) <arnout at mind.be>
+ *
+ * * Added USER/PASS authentication.
+ *
* 2001-01-31 Sergei Organov <osv at javad.ru>
*
* * Hacks with current dir and root dir removed in favor of new libio
@@ -153,6 +159,7 @@
* Change History:
* 12/01/97 - Creation (JWJ)
* 2001-01-08 - Changes by OSV
+ * 2010-04-29 - Authentication added by AV
*************************************************************************/
/*************************************************************************
@@ -267,6 +274,9 @@
int idle; /* Timeout in seconds */
int xfer_mode; /* Transfer mode (ASCII/binary) */
rtems_id tid; /* Task id */
+ char *user; /* user name (0 if not supplied) */
+ char *pass; /* password (0 if not supplied) */
+ bool auth; /* true if user/pass was valid, false if not or not supplied */
} FTPD_SessionInfo_t;
@@ -798,7 +808,7 @@
struct stat stat_buf;
int res = 0;
- if(!can_read())
+ if(!can_read() || !info->auth)
{
send_reply(info, 550, "Access denied.");
return;
@@ -944,7 +954,7 @@
typedef ssize_t (*WriteProc)(int, void const*, size_t);
WriteProc wrt = &write;
- if(!can_write())
+ if(!can_write() || !info->auth)
{
send_reply(info, 550, "Access denied.");
return;
@@ -1270,6 +1280,12 @@
time_t curTime;
int sc = 1;
+ if(!info->auth)
+ {
+ send_reply(info, 550, "Access denied.");
+ return;
+ }
+
send_reply(info, 150, "Opening ASCII mode data connection for LIST.");
s = data_socket(info);
@@ -1338,6 +1354,12 @@
static void
command_cwd(FTPD_SessionInfo_t *info, char *dir)
{
+ if(!info->auth)
+ {
+ send_reply(info, 550, "Access denied.");
+ return;
+ }
+
if(chdir(dir) == 0)
send_reply(info, 250, "CWD command successful.");
else
@@ -1364,6 +1386,13 @@
char const* cwd;
errno = 0;
buf[0] = '"';
+
+ if(!info->auth)
+ {
+ send_reply(info, 550, "Access denied.");
+ return;
+ }
+
cwd = getcwd(buf + 1, FTPD_BUFSIZE - 4);
if(cwd)
{
@@ -1401,6 +1430,12 @@
struct stat stbuf;
char buf[FTPD_BUFSIZE];
+ if(!info->auth)
+ {
+ send_reply(info, 550, "Access denied.");
+ return;
+ }
+
if (0 > stat(fname, &stbuf))
{
snprintf(buf, FTPD_BUFSIZE, "%s: %s.", fname, serr());
@@ -1725,13 +1760,46 @@
send_reply(info, 504, "Type not implemented. Set to I.");
}
}
- else if (!strcmp("USER", cmd) || !strcmp("PASS", cmd))
+ else if (!strcmp("USER", cmd))
{
- send_reply(info, 230, "User logged in.");
+ sscanf(args, "%254s", fname);
+ if (info->user)
+ free(info->user);
+ if (info->pass)
+ free(info->pass);
+ info->pass = NULL;
+ info->user = strdup(fname);
+ if (rtems_ftpd_configuration.login &&
+ !rtems_ftpd_configuration.login(info->user, NULL)) {
+ info->auth = false;
+ send_reply(info, 331, "User name okay, need password.");
+ } else {
+ info->auth = true;
+ send_reply(info, 230, "User logged in.");
+ }
+ }
+ else if (!strcmp("PASS", cmd))
+ {
+ sscanf(args, "%254s", fname);
+ if (info->pass)
+ free(info->pass);
+ info->pass = strdup(fname);
+ if (!info->user) {
+ send_reply(info, 332, "Need account to log in");
+ } else {
+ if (rtems_ftpd_configuration.login &&
+ !rtems_ftpd_configuration.login(info->user, info->pass)) {
+ info->auth = false;
+ send_reply(info, 530, "Not logged in.");
+ } else {
+ info->auth = true;
+ send_reply(info, 230, "User logged in.");
+ }
+ }
}
else if (!strcmp("DELE", cmd))
{
- if(!can_write())
+ if(!can_write() || !info->auth)
{
send_reply(info, 550, "Access denied.");
}
@@ -1754,7 +1822,7 @@
{
int mask;
- if(!can_write())
+ if(!can_write() || !info->auth)
{
send_reply(info, 550, "Access denied.");
}
@@ -1773,7 +1841,7 @@
}
else if (!strcmp("RMD", cmd))
{
- if(!can_write())
+ if(!can_write() || !info->auth)
{
send_reply(info, 550, "Access denied.");
}
@@ -1790,7 +1858,7 @@
}
else if (!strcmp("MKD", cmd))
{
- if(!can_write())
+ if(!can_write() || !info->auth)
{
send_reply(info, 550, "Access denied.");
}
@@ -1894,6 +1962,8 @@
/* Close connection and put ourselves back into the task pool. */
close_data_socket(info);
close_stream(info);
+ free(info->user);
+ free(info->pass);
task_pool_release(info);
}
}
@@ -1980,6 +2050,12 @@
info->data_addr.sin_port =
htons(ntohs(info->ctrl_addr.sin_port) - 1);
info->idle = ftpd_timeout;
+ info->user = NULL;
+ info->pass = NULL;
+ if (rtems_ftpd_configuration.login)
+ info->auth = false;
+ else
+ info->auth = true;
/* Wakeup the session task. The task will call task_pool_release
after it closes connection. */
rtems_event_send(info->tid, FTPD_RTEMS_EVENT);
--
Generated by Deluxe Loginfo [http://www.codewiz.org/projects/index.html#loginfo] 2.122 by Bernardo Innocenti <bernie at develer.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/vc/attachments/20110624/5f156ea0/attachment.html>
More information about the vc
mailing list